/*############################################################################ # Copyright 2016-2017 Intel Corporation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. ############################################################################*/ /*! * \file * \brief Member unit tests. */ #include <cstring> #include <vector> #include "epid/common-testhelper/epid_gtest-testhelper.h" #include "gtest/gtest.h" #include "epid/common-testhelper/epid2params_wrapper-testhelper.h" #include "epid/common-testhelper/errors-testhelper.h" #include "epid/common-testhelper/mem_params-testhelper.h" #include "epid/common-testhelper/prng-testhelper.h" #include "epid/member/tpm2/unittests/tpm2-testhelper.h" #include "epid/member/unittests/member-testhelper.h" extern "C" { #include "epid/member/api.h" #include "epid/member/src/context.h" #include "epid/member/src/storage.h" #include "epid/member/src/write_precomp.h" #include "epid/member/tpm2/nv.h" } bool operator==(MemberPrecomp const& lhs, MemberPrecomp const& rhs) { return 0 == std::memcmp(&lhs, &rhs, sizeof(lhs)); } /// compares GroupPubKey values bool operator==(GroupPubKey const& lhs, GroupPubKey const& rhs); /// compares MembershipCredential values bool operator==(MembershipCredential const& lhs, MembershipCredential const& rhs); namespace { ////////////////////////////////////////////////////////////////////////// // EpidMemberDeinit Tests TEST_F(EpidMemberTest, DeinitWorksGivenNullMemberCtx) { EpidMemberDeinit(nullptr); } ////////////////////////////////////////////////////////////////////////// // EpidMemberGetSize Tests TEST_F(EpidMemberTest, GetSizeFailsGivenNullParams) { size_t ctx_size = 0; MemberParams params = {0}; EXPECT_EQ(kEpidBadArgErr, EpidMemberGetSize(¶ms, nullptr)); EXPECT_EQ(kEpidBadArgErr, EpidMemberGetSize(nullptr, &ctx_size)); EXPECT_EQ(kEpidBadArgErr, EpidMemberGetSize(nullptr, nullptr)); } ////////////////////////////////////////////////////////////////////////// // EpidMemberGetSize Tests TEST_F(EpidMemberTest, GetSizeWorksGivenValidParams) { size_t ctx_size = 0; Prng my_prng; MemberParams params = {0}; SetMemberParams(&Prng::Generate, &my_prng, nullptr, ¶ms); EXPECT_EQ(kEpidNoErr, EpidMemberGetSize(¶ms, &ctx_size)); } ////////////////////////////////////////////////////////////////////////// // EpidMemberInit Tests TEST_F(EpidMemberTest, InitFailsGivenNullParameters) { size_t ctx_size = 0; MemberCtx* ctx = nullptr; Prng my_prng; MemberParams params = {0}; std::vector<uint8_t> ctx_buf; SetMemberParams(&Prng::Generate, &my_prng, nullptr, ¶ms); EXPECT_EQ(kEpidNoErr, EpidMemberGetSize(¶ms, &ctx_size)); ctx_buf.resize(ctx_size); ctx = (MemberCtx*)&ctx_buf[0]; EXPECT_EQ(kEpidBadArgErr, EpidMemberInit(nullptr, nullptr)); EXPECT_EQ(kEpidBadArgErr, EpidMemberInit(¶ms, nullptr)); EXPECT_EQ(kEpidBadArgErr, EpidMemberInit(nullptr, ctx)); } TEST_F(EpidMemberTest, InitFailsGivenInvalidParameters) { FpElemStr f = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, }; size_t ctx_size = 0; MemberCtx* ctx = nullptr; Prng my_prng; MemberParams params = {0}; std::vector<uint8_t> ctx_buf; SetMemberParams(&Prng::Generate, &my_prng, &f, ¶ms); EXPECT_EQ(kEpidNoErr, EpidMemberGetSize(¶ms, &ctx_size)); ctx_buf.resize(ctx_size); ctx = (MemberCtx*)&ctx_buf[0]; EXPECT_EQ(kEpidBadArgErr, EpidMemberInit(¶ms, ctx)); } TEST_F(EpidMemberTest, InitSucceedsGivenValidParameters) { FpElemStr f = { 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, }; size_t ctx_size = 0; MemberCtx* ctx = nullptr; Prng my_prng; MemberParams params = {0}; std::vector<uint8_t> ctx_buf; SetMemberParams(&Prng::Generate, &my_prng, &f, ¶ms); EXPECT_EQ(kEpidNoErr, EpidMemberGetSize(¶ms, &ctx_size)); ctx_buf.resize(ctx_size); ctx = (MemberCtx*)&ctx_buf[0]; EXPECT_EQ(kEpidNoErr, EpidMemberInit(¶ms, ctx)); EpidMemberDeinit(ctx); } TEST_F(EpidMemberTest, InitSucceedsGivenValidParametersWithNoF) { size_t ctx_size = 0; MemberCtx* ctx = nullptr; Prng my_prng; MemberParams params = {0}; std::vector<uint8_t> ctx_buf; SetMemberParams(&Prng::Generate, &my_prng, nullptr, ¶ms); EXPECT_EQ(kEpidNoErr, EpidMemberGetSize(¶ms, &ctx_size)); ctx_buf.resize(ctx_size); ctx = (MemberCtx*)&ctx_buf[0]; EXPECT_EQ(kEpidNoErr, EpidMemberInit(¶ms, ctx)); EpidMemberDeinit(ctx); } ////////////////////////////////////////////////////////////////////////// // EpidMemberDelete Tests TEST_F(EpidMemberTest, DeleteWorksGivenNullMemberCtx) { EpidMemberDelete(nullptr); MemberCtx* member_ctx = nullptr; EpidMemberDelete(&member_ctx); } TEST_F(EpidMemberTest, DeleteNullsMemberCtx) { MemberCtx* ctx = nullptr; Prng my_prng; MemberParams params = {0}; SetMemberParams(&Prng::Generate, &my_prng, nullptr, ¶ms); THROW_ON_EPIDERR(EpidMemberCreate(¶ms, &ctx)); EpidMemberDelete(&ctx); EXPECT_EQ(nullptr, ctx); } ////////////////////////////////////////////////////////////////////////// // EpidMemberCreate Tests // test that create fails if any mandatory parameters are NULL TEST_F(EpidMemberTest, CreateFailsGivenNullParameters) { MemberCtx* ctx = nullptr; Prng my_prng; MemberParams params = {0}; EXPECT_EQ(kEpidBadArgErr, EpidMemberCreate(nullptr, &ctx)); SetMemberParams(&Prng::Generate, &my_prng, nullptr, ¶ms); EXPECT_EQ(kEpidBadArgErr, EpidMemberCreate(¶ms, nullptr)); SetMemberParams(nullptr, &my_prng, nullptr, ¶ms); EXPECT_EQ(kEpidBadArgErr, EpidMemberCreate(¶ms, nullptr)); } TEST_F(EpidMemberTest, CreateFailsGivenInvalidParameters) { MemberCtx* ctx = nullptr; Prng my_prng; MemberParams params = {0}; FpElemStr f = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, }; SetMemberParams(&Prng::Generate, &my_prng, &f, ¶ms); EXPECT_EQ(kEpidBadArgErr, EpidMemberCreate(¶ms, &ctx)); EpidMemberDelete(&ctx); } TEST_F(EpidMemberTest, CreateSucceedsGivenValidParameters) { MemberCtx* ctx = nullptr; Prng my_prng; MemberParams params = {0}; SetMemberParams(&Prng::Generate, &my_prng, nullptr, ¶ms); EXPECT_EQ(kEpidNoErr, EpidMemberCreate(¶ms, &ctx)); EpidMemberDelete(&ctx); } ////////////////////////////////////////////////////////////////////////// // EpidMemberStartup TEST_F(EpidMemberTest, StartupFailsGivenNullParameters) { EXPECT_EQ(kEpidBadArgErr, EpidMemberStartup(nullptr)); } TEST_F(EpidMemberTest, StartupSucceedsGivenValidParameters) { Prng prng; GroupPubKey pub_key = this->kGroupPublicKey; PrivKey priv_key = this->kMemberPrivateKey; MemberParams params = {0}; SetMemberParams(&Prng::Generate, &prng, nullptr, ¶ms); MemberCtxObj member(¶ms); EXPECT_EQ(kEpidNoErr, EpidProvisionKey(member, &pub_key, &priv_key, nullptr)); MembershipCredential credential_expected = ((MemberCtx*)member)->credential; // reset member credential to test if startup reads them from NV memory // correctly ((MemberCtx*)member)->pub_key = {0}; ((MemberCtx*)member)->credential = {0}; EXPECT_EQ(kEpidNoErr, EpidMemberStartup(member)); EXPECT_EQ(pub_key, ((MemberCtx*)member)->pub_key); EXPECT_EQ(credential_expected, ((MemberCtx*)member)->credential); } ////////////////////////////////////////////////////////////////////////// // EpidMemberSetHashAlg TEST_F(EpidMemberTest, SetHashAlgFailsGivenNullPtr) { EXPECT_EQ(kEpidBadArgErr, EpidMemberSetHashAlg(nullptr, kSha256)); } TEST_F(EpidMemberTest, CanSetHashAlgoToSHA256) { Prng my_prng; MemberCtxObj member_ctx(&Prng::Generate, &my_prng); EXPECT_EQ(kEpidNoErr, EpidMemberSetHashAlg(member_ctx, kSha256)); } TEST_F(EpidMemberTest, CanSetHashAlgoToSHA384) { Prng my_prng; MemberCtxObj member_ctx(&Prng::Generate, &my_prng); EXPECT_EQ(kEpidNoErr, EpidMemberSetHashAlg(member_ctx, kSha384)); } TEST_F(EpidMemberTest, CanSetHashAlgoToSHA512) { Prng my_prng; MemberCtxObj member_ctx(&Prng::Generate, &my_prng); EXPECT_EQ(kEpidNoErr, EpidMemberSetHashAlg(member_ctx, kSha512)); } TEST_F(EpidMemberTest, CanSetHashAlgoToSHA512256) { Prng my_prng; MemberCtxObj member_ctx(&Prng::Generate, &my_prng); EXPECT_EQ(kEpidNoErr, EpidMemberSetHashAlg(member_ctx, kSha512_256)); } TEST_F(EpidMemberTest, SetHashAlgFailsForNonSupportedAlgorithm) { Prng my_prng; MemberCtxObj member_ctx(&Prng::Generate, &my_prng); EXPECT_EQ(kEpidBadArgErr, EpidMemberSetHashAlg(member_ctx, kSha3_256)); EXPECT_EQ(kEpidBadArgErr, EpidMemberSetHashAlg(member_ctx, kSha3_384)); EXPECT_EQ(kEpidBadArgErr, EpidMemberSetHashAlg(member_ctx, kSha3_512)); EXPECT_EQ(kEpidBadArgErr, EpidMemberSetHashAlg(member_ctx, (HashAlg)-1)); } ////////////////////////////////////////////////////////////////////////// // EpidMemberSetSigRl TEST_F(EpidMemberTest, SetSigRlFailsGivenNullPointer) { Prng my_prng; MemberCtxObj member_ctx(this->kGroupPublicKey, this->kMemberPrivateKey, &Prng::Generate, &my_prng); SigRl srl = {{{0}}, {{0}}, {{0}}, {{{{0}, {0}}, {{0}, {0}}}}}; srl.gid = this->kGroupPublicKey.gid; EXPECT_EQ(kEpidBadArgErr, EpidMemberSetSigRl(nullptr, &srl, sizeof(SigRl))); EXPECT_EQ(kEpidBadArgErr, EpidMemberSetSigRl(member_ctx, nullptr, sizeof(SigRl))); } TEST_F(EpidMemberTest, SetSigRlFailsGivenZeroSize) { Prng my_prng; MemberCtxObj member_ctx(this->kGroupPublicKey, this->kMemberPrivateKey, &Prng::Generate, &my_prng); SigRl srl = {{{0}}, {{0}}, {{0}}, {{{{0}, {0}}, {{0}, {0}}}}}; srl.gid = this->kGroupPublicKey.gid; EXPECT_EQ(kEpidBadArgErr, EpidMemberSetSigRl(member_ctx, &srl, 0)); } // Size parameter must be at least big enough for n2 == 0 case TEST_F(EpidMemberTest, SetSigRlFailsGivenTooSmallSize) { Prng my_prng; MemberCtxObj member_ctx(this->kGroupPublicKey, this->kMemberPrivateKey, &Prng::Generate, &my_prng); SigRl srl = {{{0}}, {{0}}, {{0}}, {{{{0}, {0}}, {{0}, {0}}}}}; srl.gid = this->kGroupPublicKey.gid; EXPECT_EQ( kEpidBadArgErr, EpidMemberSetSigRl(member_ctx, &srl, (sizeof(srl) - sizeof(srl.bk)) - 1)); srl.n2 = this->kOctStr32_1; EXPECT_EQ( kEpidBadArgErr, EpidMemberSetSigRl(member_ctx, &srl, (sizeof(srl) - sizeof(srl.bk)) - 1)); } TEST_F(EpidMemberTest, SetSigRlFailsGivenN2TooBigForSize) { Prng my_prng; MemberCtxObj member_ctx(this->kGroupPublicKey, this->kMemberPrivateKey, &Prng::Generate, &my_prng); SigRl srl = {{{0}}, {{0}}, {{0}}, {{{{0}, {0}}, {{0}, {0}}}}}; srl.gid = this->kGroupPublicKey.gid; srl.n2 = this->kOctStr32_1; EXPECT_EQ(kEpidBadArgErr, EpidMemberSetSigRl(member_ctx, &srl, sizeof(srl) - sizeof(srl.bk))); } TEST_F(EpidMemberTest, SetSigRlFailsGivenN2TooSmallForSize) { Prng my_prng; MemberCtxObj member_ctx(this->kGroupPublicKey, this->kMemberPrivateKey, &Prng::Generate, &my_prng); SigRl srl = {{{0}}, {{0}}, {{0}}, {{{{0}, {0}}, {{0}, {0}}}}}; srl.gid = this->kGroupPublicKey.gid; EXPECT_EQ(kEpidBadArgErr, EpidMemberSetSigRl(member_ctx, &srl, sizeof(srl))); } TEST_F(EpidMemberTest, SetSigRlFailsGivenBadGroupId) { Prng my_prng; MemberCtxObj member_ctx(this->kGroupPublicKey, this->kMemberPrivateKey, &Prng::Generate, &my_prng); SigRl srl = {{{0}}, {{0}}, {{0}}, {{{{0}, {0}}, {{0}, {0}}}}}; srl.gid = this->kGroupPublicKey.gid; srl.gid.data[0] = ~srl.gid.data[0]; EXPECT_EQ(kEpidBadArgErr, EpidMemberSetSigRl(member_ctx, &srl, sizeof(srl) - sizeof(srl.bk))); } TEST_F(EpidMemberTest, SetSigRlFailsGivenEmptySigRlFromDifferentGroup) { Prng my_prng; MemberCtxObj member_ctx(this->kGroupPublicKey, this->kMemberPrivateKey, &Prng::Generate, &my_prng); SigRl const* sig_rl = reinterpret_cast<SigRl const*>(this->kGrpXSigRl.data()); size_t sig_rl_size = this->kGrpXSigRl.size(); EXPECT_EQ(kEpidBadArgErr, EpidMemberSetSigRl(member_ctx, sig_rl, sig_rl_size)); } TEST_F(EpidMemberTest, SetSigRlFailsGivenOldVersion) { Prng my_prng; MemberCtxObj member_ctx(this->kGroupPublicKey, this->kMemberPrivateKey, &Prng::Generate, &my_prng); SigRl srl = {{{0}}, {{0}}, {{0}}, {{{{0}, {0}}, {{0}, {0}}}}}; srl.gid = this->kGroupPublicKey.gid; srl.version = this->kOctStr32_1; EXPECT_EQ(kEpidNoErr, EpidMemberSetSigRl(member_ctx, &srl, sizeof(srl) - sizeof(srl.bk))); OctStr32 octstr32_0 = {0x00, 0x00, 0x00, 0x00}; srl.version = octstr32_0; EXPECT_EQ(kEpidBadArgErr, EpidMemberSetSigRl(member_ctx, &srl, sizeof(srl) - sizeof(srl.bk))); } TEST_F(EpidMemberTest, SetSigRlPreservesOldRlOnFailure) { Prng my_prng; MemberCtxObj member_ctx(this->kGrpXKey, this->kGrpXSigrevokedMember0PrivKey, &Prng::Generate, &my_prng); SigRl const* sig_rl = reinterpret_cast<SigRl const*>(this->kGrpXSigRl.data()); size_t sig_rl_size = this->kGrpXSigRl.size(); EXPECT_EQ(kEpidNoErr, EpidMemberSetSigRl(member_ctx, sig_rl, sig_rl_size)); // wrong sigrl contains revoked member0 and has lower version SigRl const* wrong_sig_rl = reinterpret_cast<SigRl const*>(this->kGrpXSigRlSingleEntry.data()); size_t wrong_sig_rl_size = this->kGrpXSigRlSingleEntry.size(); EXPECT_EQ(kEpidBadArgErr, EpidMemberSetSigRl(member_ctx, wrong_sig_rl, wrong_sig_rl_size)); auto& msg = this->kMsg0; std::vector<uint8_t> sig_data(EpidGetSigSize(sig_rl)); EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data()); size_t sig_len = sig_data.size() * sizeof(uint8_t); // Check that sigrevoked member is still in SigRl EXPECT_EQ(kEpidSigRevokedInSigRl, EpidSign(member_ctx, msg.data(), msg.size(), nullptr, 0, sig, sig_len)); } TEST_F(EpidMemberTest, SetSigRlWorksGivenValidSigRl) { Prng my_prng; MemberCtxObj member_ctx(this->kGrpXKey, this->kGrpXMember0PrivKey, &Prng::Generate, &my_prng); SigRl const* sig_rl = reinterpret_cast<SigRl const*>(this->kGrpXSigRl.data()); size_t sig_rl_size = this->kGrpXSigRl.size(); EXPECT_EQ(kEpidNoErr, EpidMemberSetSigRl(member_ctx, sig_rl, sig_rl_size)); } TEST_F(EpidMemberTest, SetSigRlWorksGivenEmptySigRl) { Prng my_prng; MemberCtxObj member_ctx(this->kGroupPublicKey, this->kMemberPrivateKey, &Prng::Generate, &my_prng); uint8_t sig_rl_data_n2_zero[] = { // gid 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, // version 0x00, 0x00, 0x00, 0x00, // n2 0x0, 0x00, 0x00, 0x00, // not bk's }; SigRl* sig_rl = reinterpret_cast<SigRl*>(sig_rl_data_n2_zero); size_t sig_rl_size = sizeof(sig_rl_data_n2_zero); EXPECT_EQ(kEpidNoErr, EpidMemberSetSigRl(member_ctx, sig_rl, sig_rl_size)); } TEST_F(EpidMemberTest, SetSigRlWorksGivenSigRlWithOneEntry) { Prng my_prng; MemberCtxObj member_ctx(this->kGrpXKey, this->kGrpXMember0PrivKey, &Prng::Generate, &my_prng); SigRl const* sig_rl = reinterpret_cast<SigRl const*>(this->kGrpXSigRlSingleEntry.data()); size_t sig_rl_size = this->kGrpXSigRlSingleEntry.size(); EXPECT_EQ(kEpidNoErr, EpidMemberSetSigRl(member_ctx, sig_rl, sig_rl_size)); } TEST_F(EpidMemberTest, SetSigRlFailsIfNotProvisioned) { Prng my_prng; MemberCtxObj member_ctx(&Prng::Generate, &my_prng); uint8_t sig_rl_data[] = { // gid 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, // version 0x00, 0x00, 0x00, 0x00, // n2 0x0, 0x00, 0x00, 0x00, // not bk's }; SigRl* sig_rl = reinterpret_cast<SigRl*>(sig_rl_data); size_t sig_rl_size = sizeof(sig_rl_data); EXPECT_EQ(kEpidOutOfSequenceError, EpidMemberSetSigRl(member_ctx, sig_rl, sig_rl_size)); } ////////////////////////////////////////////////////////////////////////// // EpidRegisterBasename TEST_F(EpidMemberTest, RegisterBaseNameFailsGivenNullPtr) { Prng my_prng; MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, this->kMemberPrecomp, &Prng::Generate, &my_prng); std::vector<uint8_t> basename = {'_', 'b', 'a', 's', 'e', 'n', 'a', 'm', 'e'}; EXPECT_EQ(kEpidBadArgErr, EpidRegisterBasename(member, nullptr, basename.size())); EXPECT_EQ(kEpidBadArgErr, EpidRegisterBasename(nullptr, basename.data(), basename.size())); } TEST_F(EpidMemberTest, RegisterBaseNameFailsGivenDuplicateBaseName) { Prng my_prng; MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, this->kMemberPrecomp, &Prng::Generate, &my_prng); std::vector<uint8_t> basename = {'d', 'b', 'a', 's', 'e', 'n', 'a', 'm', 'e'}; EXPECT_EQ(kEpidNoErr, EpidRegisterBasename(member, basename.data(), basename.size())); EXPECT_EQ(kEpidDuplicateErr, EpidRegisterBasename(member, basename.data(), basename.size())); } TEST_F(EpidMemberTest, RegisterBaseNameFailsGivenInvalidBaseName) { Prng my_prng; MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, this->kMemberPrecomp, &Prng::Generate, &my_prng); std::vector<uint8_t> basename = {}; std::vector<uint8_t> basename2 = {'b', 's', 'n'}; EXPECT_EQ(kEpidBadArgErr, EpidRegisterBasename(member, basename.data(), basename.size())); EXPECT_EQ(kEpidBadArgErr, EpidRegisterBasename(member, basename2.data(), 0)); } TEST_F(EpidMemberTest, RegisterBaseNameSucceedsGivenUniqueBaseName) { Prng my_prng; MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, this->kMemberPrecomp, &Prng::Generate, &my_prng); std::vector<uint8_t> basename = {'b', 's', 'n', '0', '1'}; EXPECT_EQ(kEpidNoErr, EpidRegisterBasename(member, basename.data(), basename.size())); } TEST_F(EpidMemberTest, RegisterBaseNameSucceedsGivenMultipleUniqueBaseNames) { Prng my_prng; MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, this->kMemberPrecomp, &Prng::Generate, &my_prng); std::vector<uint8_t> basename1 = {'b', 's', 'n', '0', '1'}; std::vector<uint8_t> basename2 = {'b', 's', 'n', '0', '2'}; std::vector<uint8_t> basename3 = {'b', 's', 'n', '0', '3'}; EXPECT_EQ(kEpidNoErr, EpidRegisterBasename(member, basename1.data(), basename1.size())); EXPECT_EQ(kEpidNoErr, EpidRegisterBasename(member, basename2.data(), basename2.size())); EXPECT_EQ(kEpidNoErr, EpidRegisterBasename(member, basename3.data(), basename3.size())); // Verify that basenames registered succesfully EXPECT_EQ(kEpidDuplicateErr, EpidRegisterBasename(member, basename1.data(), basename1.size())); EXPECT_EQ(kEpidDuplicateErr, EpidRegisterBasename(member, basename2.data(), basename2.size())); EXPECT_EQ(kEpidDuplicateErr, EpidRegisterBasename(member, basename3.data(), basename3.size())); } TEST_F(EpidMemberTest, RegisterBaseNameSucceedsGivenBsnContainingAllPossibleBytes) { Prng my_prng; MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, this->kMemberPrecomp, &Prng::Generate, &my_prng); EXPECT_EQ(kEpidNoErr, EpidRegisterBasename(member, this->kData_0_255.data(), this->kData_0_255.size())); } ////////////////////////////////////////////////////////////////////////// // EpidClearRegisteredBasenames TEST_F(EpidMemberTest, EpidClearRegisteredBasenamesFailsGivenNullPtr) { EXPECT_EQ(kEpidBadArgErr, EpidClearRegisteredBasenames(nullptr)); } TEST_F(EpidMemberTest, EpidClearRegisteredBasenamesClearsBasenames) { Prng my_prng; MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, this->kMemberPrecomp, &Prng::Generate, &my_prng); THROW_ON_EPIDERR( EpidRegisterBasename(member, this->kBsn0.data(), this->kBsn0.size())); EXPECT_EQ(kEpidNoErr, EpidClearRegisteredBasenames(member)); // check, that after clearing EpidRegisterBasename works correctly THROW_ON_EPIDERR( EpidRegisterBasename(member, this->kBsn0.data(), this->kBsn0.size())); } TEST_F(EpidMemberTest, EpidClearRegisteredBasenamesClearsAllBasenames) { Prng my_prng; MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, this->kMemberPrecomp, &Prng::Generate, &my_prng); for (int i = 0; i < 3; ++i) { THROW_ON_EPIDERR(EpidRegisterBasename(member, &i, sizeof(i))); } EXPECT_EQ(kEpidNoErr, EpidClearRegisteredBasenames(member)); for (int i = 0; i < 3; ++i) { THROW_ON_EPIDERR(EpidRegisterBasename(member, &i, sizeof(i))); } } TEST_F(EpidMemberTest, EpidClearRegisteredBasenamesCausesSignWithBasenameAfterItToFail) { Prng my_prng; MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, this->kMemberPrecomp, &Prng::Generate, &my_prng); auto& msg = this->kMsg0; auto& bsn = this->kBsn0; THROW_ON_EPIDERR(EpidRegisterBasename(member, bsn.data(), bsn.size())); std::vector<uint8_t> sig_data(EpidGetSigSize(nullptr)); EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data()); size_t sig_len = sig_data.size() * sizeof(uint8_t); THROW_ON_EPIDERR(EpidSign(member, msg.data(), msg.size(), bsn.data(), bsn.size(), sig, sig_len)); THROW_ON_EPIDERR(EpidClearRegisteredBasenames(member)); ASSERT_EQ(kEpidBadArgErr, EpidSign(member, msg.data(), msg.size(), bsn.data(), bsn.size(), sig, sig_len)); } ////////////////////////////////////////////////////////////////////////// // EpidMemberWritePrecomp TEST_F(EpidMemberTest, MemberWritePrecompFailsGivenNullPointer) { MemberPrecomp precomp; Prng my_prng; MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, this->kMemberPrecomp, &Prng::Generate, &my_prng); MemberCtx* ctx = member; EXPECT_EQ(kEpidBadArgErr, EpidMemberWritePrecomp(nullptr, &precomp)); EXPECT_EQ(kEpidBadArgErr, EpidMemberWritePrecomp(ctx, nullptr)); } TEST_F(EpidMemberTest, MemberWritePrecompSucceedGivenValidArgumentWithLoadedPrecomp) { MemberPrecomp precomp; Prng my_prng; MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, this->kMemberPrecomp, &Prng::Generate, &my_prng); MemberCtx* ctx = member; EXPECT_EQ(kEpidNoErr, EpidMemberWritePrecomp(ctx, &precomp)); MemberPrecomp expected_precomp = this->kMemberPrecomp; EXPECT_EQ(expected_precomp, precomp); } TEST_F(EpidMemberTest, MemberWritePrecompSucceedGivenValidArgumentWithCalcPrecomp) { MemberPrecomp precomp; Prng my_prng; MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, &Prng::Generate, &my_prng); MemberCtx* ctx = member; EXPECT_EQ(kEpidNoErr, EpidMemberWritePrecomp(ctx, &precomp)); MemberPrecomp expected_precomp = this->kMemberPrecomp; EXPECT_EQ(expected_precomp, precomp); } TEST_F(EpidMemberTest, DefaultHashAlgIsSha512) { Prng my_prng; MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, this->kMemberPrecomp, &Prng::Generate, &my_prng); MemberCtx* ctx = member; EXPECT_EQ(kSha512, ctx->hash_alg); } #ifdef TPM_TSS ////////////////////////////////////////////////////////////////////////// // MemberCanLoadMembershipCredentialFromTpm TEST_F(EpidMemberTest, MemberCanLoadPreviouslyProvisionedMembershipCredentialFromTpm) { // Not clear that this test is valid or in the right place. Prng prng; Epid2ParamsObj epid2params; uint32_t const nv_index = 0x01c10100; GroupPubKey pub_key_expected = this->kGrpXKey; GroupPubKey pub_key; FpElemStr f = this->kGrpXMember9PrivKey.f; MembershipCredential credential_expected = {this->kGrpXMember9PrivKey.gid, this->kGrpXMember9PrivKey.A, this->kGrpXMember9PrivKey.x}; MembershipCredential credential; // Tpm2CtxObj calls Tpm2CreateContext() and sets // is_context_already_created=true. To call this function in // EpidMemberInit() successfully Tpm2DeleteContext() must be called. // Putting creation of Tpm2CtxObj object in a block solves it { // write credentials Tpm2CtxObj tpm(&Prng::Generate, &prng, nullptr, epid2params); THROW_ON_EPIDERR(EpidNvWriteMembershipCredential( tpm, &pub_key_expected, &credential_expected, nv_index)); // read credentials to confirm that credential has been really inserted EXPECT_EQ(kEpidNoErr, EpidNvReadMembershipCredential( tpm, nv_index, &pub_key, &credential)); EXPECT_EQ(pub_key_expected, pub_key); EXPECT_EQ(credential_expected, credential); } MemberParams params = {0}; SetMemberParams(&Prng::Generate, &prng, &f, ¶ms); MemberCtxObj member(¶ms); EXPECT_EQ(kEpidNoErr, EpidMemberStartup(member)); EXPECT_EQ(pub_key_expected, ((MemberCtx*)member)->pub_key); EXPECT_EQ(credential_expected, ((MemberCtx*)member)->credential); Tpm2NvUndefineSpace(((MemberCtx*)member)->tpm2_ctx, nv_index); } #endif } // namespace